PFCP¶

The Packet Forwarding Control Protocol PFCP is a protocol used for communication between the UPF and SMF (control plane) in 5G networks.

Before the UPF can start forwarding packets, it must be associated with the SMF, who then configures user sessions.

Gateways between the mobile network and the Internet can be configured using network instances mapping an Access Point Name APN to a VRF and a GTP interface.

Only a single instance of this service is allowed to run across all namespaces.

Here is a basic configuration example where the PFCP service is configured with a gateway:

dut-vm> edit running
dut-vm running config# vrf main interface gtp gtp0 enabled true
dut-vm running config# vrf main pfcp enabled true
dut-vm running config# vrf main pfcp network-instance internet interface gtp0 vrf main
dut-vm running config# commit
Configuration committed.

Note

At least one network instance must be provided for the configuration to be valid.

To display the PFCP service state:

dut-vm running vrf main# show state pfcp
pfcp
  enabled true
  verbose false
  address 10.175.0.2
  network-instance internet
      interface gtp0
      vrf main
      ..
  ..

The same configuration can be made using this NETCONF XML configuration:

vsr running config# show config xml absolute vrf main pfcp
<config xmlns="urn:6wind:vrouter">
  <vrf>
    <name>main</name>
    <pfcp xmlns="urn:6wind:vrouter/upf">
      <enabled>true</enabled>
      <verbose>true</verbose>
      <address>10.175.0.2</address>
      <network-instance>
        <access-point-name>internet</access-point-name>
        <interface>gtp0</interface>
        <vrf>main</vrf>
      </network-instance>
    </pfcp>
  </vrf>
</config>

GTP resources allocation¶

Because the maximum number of GTP tunnels and associated resources cannot be increased without restarting the fast path, configuring upper limits may be necessary to meet the requirements of the target use case.

Please note that while it is possible to configure those parameters freely, limits on the number of GTP tunnels that can be processed at the same time will be enforced according to what is allowed in the product license.

This means that in the case more tunnels than what is allowed are created, no traffic will pass through the extra tunnels. Once the excess use comes to an end, traffic will be allowed to pass again through those tunnels.

The following items can be configured:

Maximum number of GTP interfaces (gtp-max-if).

At least one GTP inferface must be created and configured in order to route downlink MS traffic from a data network. More interfaces can be used to aggregate and manage groups of MS, combined with VRFs for example.

Maximum number of GTP tunnels the data plane can handle (gtp-max-pdp).

Each tunnel is represented by a PDP context. The number of contexts necessary for a given PDU session depends on the PFCP role defined for that session.

Although only one context is required when acting as a PDU session anchor (PSA, also known as “gateway”), two are required when acting as a relay. In other words, if all sessions are relayed, gtp-max-pdp must be at least twice the number of expected sessions.

Maximum number of QoS flows that can be allocated globally (gtp-qos-flow).

Since 5G requires a minimum of one default QoS flow per PDU session, the recommended value is the same as for gtp-max-pdp. Note that sessions often use more than one QoS flow though. 5G allows up to 63 QFIs per session.

Maximum number of QoS policies that can be allocated globally (gtp-qos-policy).

SDF filters are implemented as QoS policies, so each SDF filter defined for a PDU session needs one (two if relaying). If unsure, do not use a value lower than gtp-max-pdp.

The following configuration example supports 32 GTP interfaces, 200000 PDP context and 800000 QoS flows. The number of QoS policies is the same as the number of QoS flows.

dut-vm> edit running
dut-vm running config# system fast-path limits gtp-max-if 32
dut-vm running config# system fast-path limits gtp-max-pdp 200000
gw1-vm running config# system fast-path limits gtp-max-qos-flow 800000
gw1-vm running config# system fast-path limits gtp-max-qos-policy 800000
dut-vm running config# commit
Configuration committed.

To display the usage state of set limits:

dut-vm running config# show fast-path table-usage
Table          Usage
=====          =====
[...]
gtp-if         1/32
gtp-pdp        0/200000
gtp-qos-flow   0/800000
gtp-qos-policy 0/800000

dut-vm running config# show state system fast-path limits
limits
    gtp-cur-if 1
    gtp-cur-pdp 0
    gtp-cur-qos-flow 0
    gtp-cur-qos-policy 0
    [...]
    gtp-max-if 32
    gtp-max-pdp 200000
    gtp-max-qos-flow 800000
    gtp-max-qos-policy 800000
    [...]

The following configuration can be made using this NETCONF XML configuration:

gw1-vm running config# show config xml system fast-path limits
<limits xmlns="urn:6wind:vrouter/fast-path">
  <gtp-max-if>32</gtp-max-if>
  <gtp-max-pdp>200000</gtp-max-pdp>
  <gtp-max-qos-flow>800000</gtp-max-qos-flow>
  <gtp-max-qos-policy>800000</gtp-max-qos-policy>
</limits>